Connect with us

Business

Elon Musk blasts Apple's OpenAI deal over alleged privacy issues. Does he have a point?

Published

on

Elon Musk blasts Apple's OpenAI deal over alleged privacy issues. Does he have a point?

When Apple holds its annual Worldwide Developers Conference, its software announcements typically elicit cheers and excitement from tech enthusiasts.

But there was one notable exception this year — Elon Musk.

The Tesla and SpaceX chief executive threatened to ban all Apple devices from his companies, alleging a new partnership between Apple and Microsoft-backed startup OpenAI could pose security risks. As part of its new operating system update, Apple said users who ask Siri a question could opt in for Siri to pull additional information from ChatGPT.

“Apple has no clue what’s actually going on once they hand your data over to OpenAI,” Musk wrote on X. “They’re selling you down the river.”

The partnership allows Siri to ask iPhone, Mac and iPad users if the digital assistant can surface answers from OpenAI’s ChatGPT to help address a question. The new feature, which will be available on certain Apple devices, is part of the company’s operating system update due later this year.

Advertisement

“If Apple integrates OpenAI at the OS level, then Apple devices will be banned at my companies,” Musk wrote on X. “That is an unacceptable security violation.”

Representatives for Musk and Apple did not respond to a request for comment.

In a keynote presentation at its developers conference on Monday, Apple said ChatGPT would be free for iPhone, Mac and iPad users. Under the partnership, Apple device users would not need to set up a ChatGPT account to use it with Siri.

“Privacy protections are built in for users who access ChatGPT — their IP addresses are obscured, and OpenAI won’t store requests,” Apple said on its website. “ChatGPT’s data-use policies apply for users who choose to connect their account.”

Many of Apple’s AI models and features, which the company collectively calls “Apple Intelligence,” run on the device itself, but some inquiries will require information to be sent through the cloud. Apple said that data is not stored or made accessible to Apple and that independent experts can inspect the code that runs on the servers to verify this.

Advertisement

Apple Intelligence will be available for certain models of Apple devices, such as the iPhone 15 Pro and iPhone 15 Pro Max and iPad and Mac with M1 and later.

So does Musk have a point? Technology and security experts who spoke to The Times offered mixed opinions.

Some pushed back on Musk’s assertion that Apple’s OpenAI deal poses security risks, citing a lack of evidence.

“Like a lot of things that Elon Musk says, it’s not based upon any kind of technical reality now, it’s really just based upon his political beliefs,” said Alex Stamos, chief trust officer at Mountain View, Calif.-based cybersecurity company SentinelOne. “There’s no real factual basis for what he said.”

Stamos, who is also a computer science lecturer at Stanford University and a former chief security officer at Facebook, said he was impressed with Apple’s data protection efforts, adding, “They’re promising a level of transparency that nobody’s really ever provided.

Advertisement

“It’s hard to totally prove at this point, but what they’ve laid out is about the best you could do to provide this level of AI services running on people’s private data while protecting their privacy,” Stamos said.

“To do the things that people have become accustomed to from ChatGPT, you just can’t do that on phones yet,” Stamos added. “We’re years away from being able to run those kinds of models on something that fits in your pocket and doesn’t burn a hole in your jeans from the amount of power it burns.”

Musk has been critical of OpenAI. He sued the company in February for breach of contract and fiduciary duty, alleging it had shifted its focus from an agreement to develop artificial general intelligence “for the benefit of humanity, not for a for-profit company seeking to maximize shareholder profits.” On Tuesday, Musk, who was a co-founder of and investor in OpenAI, withdrew his lawsuit. Musk’s San Francisco company, xAI, is a competitor to OpenAI in the fast-growing field of artificial intelligence.

Musk has taken aim at Apple in the past, calling it a “Tesla graveyard,” because, according to him, Apple had hired people that Tesla had fired. “If you don’t make it at Tesla, you go work at Apple,” Musk said in an interview with German newspaper Handelsblatt in 2015. “I’m not kidding.”

Still, Rayid Ghani, a machine learning and public policy professor at Carnegie Mellon University, said that, at a high level, he thinks the concerns Musk raised about the OpenAI-Apple partnership should be raised.

Advertisement

While Apple said that OpenAI is not storing Siri requests, “I don’t think we should just take that at face value,” Ghani said. “I think we need to ask for evidence of that. How does Apple ensure that processes are there in place? What is the recourse if it doesn’t happen? Who’s liable, Apple or OpenAI, and how do we deal with issues?”

Some industry observers also have raised questions about the option for Apple users who have a ChatGPT account to link it with their iPhone, and what information is collected by OpenAI in that case.

“We have to be careful with that one — linking your account on your mobile phone is a big deal,” said Pam Dixon, executive director of the World Privacy Forum. “I personally would not link until there is a lot more clarity about what happens to the data.”

OpenAI pointed to a statement on its website that says, “Users can also choose to connect their ChatGPT account, which means their data preferences will apply under ChatGPT’s policies.” The company declined further comment.

Under OpenAI’s privacy policy, the company says it collects personal information that is included in the input, file uploads or feedback when account holders use its service. ChatGPT has a way for users to opt out of having their inquiries used to train AI models.

Advertisement

As the use of AI becomes more entwined with people’s lives, industry observers say that it will be crucial to provide transparency for customers and test the trustworthiness of the AI tools.

“We’re going to have to understand something about AI. It’s going to be a lot like plumbing. It’s going to be built into our devices and our lives everywhere,” Dixon said. “The AI is going to have to be trustworthy and we’re going to need to be able to test that trustworthiness.”

Night Archiving Supervisor Valerie Hood contributed to this report.

Advertisement
Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Business

What is CrowdStrike, and how did it cripple so many computers?

Published

on

What is CrowdStrike, and how did it cripple so many computers?

Talk about irony: The software that paralyzed Windows computers around the world late Thursday night and early Friday morning was planted by a company that protects Windows computers against malware.

That company is CrowdStrike, a publicly traded cybersecurity firm based in Austin, Texas. It acknowledged the problem around 11 p.m. Thursday and started working on a solution, offering a workaround in the wee hours Friday and a fix a few hours later.

The vast sea of Blue Screens of Death triggered by CrowdStrike’s error is a testament to the market-leading status of the company’s software, which detects and defends against malicious code planted by hackers. Its approach is known as “endpoint security” because it installs its defenses on devices that connect to the internet, such as computers and smartphones.

According to the website 6sense.com, CrowdStrike has more than 3,500 customers, which represent about one of every four companies buying endpoint security. Although most of its customers are based in the United States, it has hundreds in India, Europe and Australia, 6sense reports.

Here’s a quick explanation for how things went wrong so quickly for so many Windows users around the world, including airlines, hospitals, banks and government agencies.

Advertisement

The Falcon Sensor update

One of the selling points of CrowdStrike service is that it can improve its defenses rapidly as new threats are discovered. As part of that service, it continuously and automatically updates the Falcon Sensor software on its customers’ machines.

Automatic updates are, under normal circumstances, a good cybersecurity practice because they prevent clients from having machines with outdated defenses on their networks. But the latest incident reveals the flip side of the coin.

According to CrowdStrike, the problem was triggered by a “single content update” for its customers with Windows PCs. The buggy code wasn’t detected until after it had downloaded and installed on many of CrowdStrike’s clients machines.

Once loaded, the bad update interfered with core functions of the PC, causing Microsoft’s infamous blue error screen to pop up and convey a message along the lines of, “Your PC ran into a problem and needs to restart.” And as long as the update remained in place, restarting the machine led to the same errant result.

The fix offered by CrowdStrike

CrowdStrike stopped sending out the faulty update early Friday morning, so machines that had not loaded it yet were spared the turmoil.

Advertisement

For machines caught in the cycle of blue-screen hell, the company initially offered step-by-step instructions for how to reboot Windows in a mode that would allow them to find and delete the buggy update. The drawback, as many commenters online noted, is that this machine-by-machine approach isn’t much help for organizations with hundreds or thousands of bricked PCs.

According to the tech website 404, Microsoft also suggested rebooting a crashed machine multiple times — as many as 15 — could solve the problem.

Within a few hours, CrowdStrike was distributing a piece of software that removed the buggy code. This worked only for customers whose machines were able to connect to the internet and download the fix, though; everyone else would be left with the PC-by-PC workaround.

The lessons from the CrowdStrike debacle

Some Macintosh and Linux users, who were immune to the CrowdStrike-induced upheaval, devoted a portion of their morning Friday to spiking the football on Windows, even though the problem wasn’t caused by Microsoft.

Other observers argued that the incident demonstrated the risk of having one potential point of failure affecting millions of computers — a problem that has been demonstrated repeatedly during the broadband era.

Advertisement

Steve Garrison, founder of Stellar Cyber in San Francisco, said it’s more important to figure out how to make improvements than to play the blame game. This incident, he said, underscores the need for companies to spend plenty of time checking the quality of their products in a controlled environment before releasing them to customers.

Another lesson, he said, is the need for companies, their competitors and their customers to work together as a community to spot problems. “What do we need to do to check the checkers of our supply chain?” he asked.

Dan O’Dowd, a developer of security software for the military, said the fiasco demonstrates that we need better software in critical systems.

“The immense body of software developed using Silicon Valley’s ‘move fast and break things’ culture means that the software our lives depend on is riddled with defects and vulnerabilities,” O’Dowd said in a statement. “Defects in this software can result in a mass failure event even more serious than the one we have seen today.”

He added, “We must convince the CEOs and Boards of Directors of the companies that build the systems our lives depend on to rewrite their software so that it never fails and can’t be hacked. … These companies will not take cybersecurity seriously until the public demands it. And we must demand it now, before a major disaster strikes.”

Advertisement
Continue Reading

Business

Column: Who elected Elon Musk our arbiter of social norms?

Published

on

Column: Who elected Elon Musk our arbiter of social norms?

Here’s a handy two-step process for taking a thoughtful and judicious approach to the burning social and political issues of our time:

1. Examine closely the position taken by Elon Musk, and;

2. Go the other way.

Musk’s drift — more precisely, his headlong dive — into right-wing orthodoxies has been well-chronicled. He has openly endorsed antisemitic tropes, called for the prosecution of the respected immunologist Anthony Fauci (evidently buying into the right-wing fantasy that Fauci helped create the COVID-19 pandemic), and associated himself with a grotesquely ugly conspiracy theory about the assault on the husband of former House Speaker Nancy Pelosi.

This is the final straw.

— Elon Musk, explaining that California’s pro-transgender law provoked him to relocating his companies to Texas

Advertisement

He reversed policies at X, formerly Twitter, designed to block hate speech, including racist and antisemitic tweets. That has turned the platform into a hive of repulsive partisan commentary.

(Musk blames an imaginary advertisers’ “boycott” for the user decline at X, though the repulsive atmosphere of the platform since his acquisition probably has done more to drive users and advertisers away.)

Musk again put his acrid personal worldview vividly on display with his announcement Tuesday that he would move two of his private companies, Hawthorne-based SpaceX and San Francisco-based X, to Texas.

Advertisement

He made clear that his decision was triggered by Gov. Gavin Newsom’s signing of a law that bars school districts from requiring teachers to notify parents of their children’s gender identity changes. Newsom signed the law on Monday.

“This is the final straw,” Musk posted on X. He described the law as one of “many others” in California “attacking both families and companies.”

A few things about this.

Advertisement

If anything, Musk’s corporate activities point to what is often described as a “whim of iron.” He defends his policies and politics as derived from painstaking consideration based on immutable laws of human behavior, but they don’t hold water on those terms. Instead, they point to the social dangers of endowing self-interested personalities with the money to buy unaccountable influence in conflict with the public interest.

Musk appears to have a real problem with transgender rights. According to the Musk biography by Walter Isaacson, this may have originated with the decision of his eldest child, Xavier, to transition at the age of 16. “I’m transgender, and my name is now Jenna,” she texted a relative. “Don’t tell my dad.”

Jenna followed up with a political awakening that Musk ascribed to her attendance at a private school in California. “She went beyond socialism to being a full communist and thinking that anyone rich is evil,” he told Isaacson. Jenna broke off all contact with him.

Further, as is the case with much of Musk’s worldview, his claim about California’s attacks on families and companies is fundamentally incoherent.

The new California law is the antithesis of an attack on families. It aims to protect the right of parents to seek the most appropriate medical treatments for their children. Anti-transgender activists who have gotten laws enacted in 20 red states interfering with these medical consultations typically characterize them as “parents’ rights” measures, when they’re just the opposite — they interpose right-wing ideologies between these families and their doctors.

Advertisement

That’s the state of play in Texas, the putative new home of SpaceX and X. There, a law that became effective on Sept. 1, 2023, prohibited treatments widely accepted by medical professionals for “gender dysphoria” experienced by adolescents.

These are chiefly the use of puberty blockers to give the patients more time to affirm their gender perception, and once that stage is achieved the use of cross-sex hormones —estrogen for males transitioning to female, and testosterone for females transitioning to male.

The Texas law threatens physicians who violate the law in treating their patients with the loss of their medical license.

A trial judge, ruling in a lawsuit brought by parents of transgender youths and by doctors who treat patients in that position, blocked the law shortly before it was to take effect. The injunction was overturned late last month by the Texas Supreme Court in an 8-1 decision.

The majority made clear that its decision had nothing to do with the weight of medical opinion, which overwhelmingly supported the treatments at issue when undertaken through careful consultation.

Advertisement

The issue at the heart of the debate, asserted Justice James D. Blacklock in a concurring opinion, “is one of philosophy, morality, even religion. The medical debates at issue in this litigation are merely the surface-level consequences of deep disagreement over the deepest of questions about who we are.”

The majority justices ruled that the Legislature was entirely within its rights to place limits on medical practice and parental authority in Texas. They asserted that barring parents from seeking medically indicated treatment of their children’s gender dysphoria was no different from a state law forbidding minors from getting tattoos, even with their parents’ permission.

“Of course,” responded Justice Debra H. Lehrmann, the court’s lone dissenter, “there is nothing remotely medically necessary about tattooing.” Depriving adolescents of gender dysphoria therapies, on the other hand, can be severely injurious to the patient’s physical and mental health.

If Musk thinks that Texas’ policies on parental rights are superior to California’s, he might ask the parents of transgender youths who have been driven out of Texas to seek treatment because of this ignorant and ideologically infected law.

Texas boosters, Musk included, like to describe the state as the coming place for venture investing. The truth is rather different. According to the National Venture Capital Assn., Texas has been mired in also-ran status for at least the last decade, a period in which it has been supposedly booming.

Advertisement

California’s position as the top state in venture funding has never been seriously challenged. In 2023, California VC funds raised $37 billion; Texas ranked seventh, with less than $1.2 billion. Of the top 10 venture deals by value last year, the NVCA reckons, eight involved California companies. The others were located in New York and Washington, D.C. Texas had none.

And in terms of assets under management by firms based in the state, California continues to reign with $644.5 billion as of last year. Texas ranks fifth, at less than $32.5 billion. It was edged out by No. 4 Florida, with $33.6 billion, but the figures for both Florida and Texas are a big drop-off from No. 3, Massachusetts, with $121.7 billion.

It’s not as if Austin, where Musk is hanging his Texas Stetson, offers newcomers a paradisiacal environment. In 2022, TechCrunch dubbed Austin “a city of unicorns and tech giants.” The thrill hasn’t lasted. Recent transplants have found that its boosters’ depiction of a vibrant intellectual climate was oversold. “Austin is where ambition goes to die,” an unhappy California immigrant told Business Insider.

Then there are its punishing summers — 78 days of triple-digit temperatures in 2023 — and soaring housing prices. Although Austin boasts one of the features of tech hubs, a leading research institution in the University of Texas, the state’s partisan political environment has turned increasingly hostile, with bills passed into law this year banning diversity, equity and inclusion (DEI) programs and narrowing faculty tenure protections.

Texas has the most restrictive anti-abortion law in the nation, with an almost total ban and a prohibition even on private health plan coverage of abortions. That hardly makes for an inviting prospect for women of childbearing age or for young families interested in the full range of reproductive healthcare options.

Advertisement

One advantage Texas has over California is something a rich entrepreneur like Musk would appreciate the most: It has no state income tax.

Musk can scarcely claim that his own corporate policies are family-friendly. They are, however, arguably self-destructive. Consider his treatment of thousands of former Twitter employees who were summarily fired after he took over the platform in October 2022 and are suing to receive severance payments, bonuses and other benefits they were promised before the takeover.

The mass firings have given rise to about 2,000 arbitration cases and a dozen class-action lawsuits, according to Shannon Liss-Riordan, a Massachusetts labor lawyer who represents the workers in arbitration and filed the lawsuits.

Among the workers’ claims is that while Musk was working to close his acquisition of Twitter, as it was then known, the company promised employees that they would be entitled to “benefits and severance at least as favorable” as what Twitter provided before the Musk takeover. The promises were made by company executives in a series of all-hands meetings at Twitter headquarters and were written into the merger agreement Musk and Twitter management negotiated in April 2022.

“The promises were made to keep employees from fleeing the company during those chaotic months before Musk closed on the acquisition,” Liss-Riordan told me. “Then after he closed, he just defaulted on that promise.”

Advertisement

Neither Musk nor spokespersons for X or SpaceX could be reached for comment.

Although many if not most of the X employees were required to bring their claims to arbitration, Musk initially refused to pay the arbitration fees that are typically charged to the employer in such cases.

That has frozen the proceedings in more than 800 cases, though not those originating in California, Oregon and Nevada, where employers don’t have the legal ability to refuse. About a third of the 2,000 arbitration claims are in California, Liss-Riordan says.

Leaving aside the ethical implications of a company’s forcing employees into arbitration and then refusing to allow the cases to proceed, Musk’s demand that ex-employees submit to arbitration may be exceptionally more costly for the company than trying to reach a general settlement. Arbitration fees can average $100,000 per case, Liss-Riordan told me; hundreds of millions of dollars in claims may be at issue.

“You have to scratch your head over why Elon Musk has to fight this so hard,” she says. “Would it really be that big a deal to pay the employees what was promised to them? Frankly, it doesn’t seem worth his time.”

Advertisement

Continue Reading

Business

Judge grants Wonderful's request to halt UFW effort to unionize company's workers

Published

on

Judge grants Wonderful's request to halt UFW effort to unionize company's workers

After more than a month of deliberation, a Kern County Superior Court judge has sided with Wonderful Co. and issued a preliminary injunction that will temporarily halt a contentious bargaining process between the agricultural giant and the state’s largest farmworker union.

In a ruling issued Thursday, Judge Bernard C. Barmann said Wonderful “was likely to prevail” in its legal challenge to the state’s relatively new system for organizing farmworkers and faced irreparable harm if the United Farm Workers union is allowed to pursue a bargaining agreement on behalf of the company’s nursery workers before the case is decided.

“The court finds that the public interest weighs in favor of preliminary injunctive relief given the constitutional rights at stake in this matter,” Barmann wrote in the 21-page decision. Wonderful “has met its burden that a preliminary injunction should issue until the matter may be heard fully on the merits.”

Wonderful, the $6-billion agricultural powerhouse owned by Stewart and Lynda Resnick, sued the state Agricultural Labor Relations Board in May, challenging the constitutionality of the state’s so-called card-check system, which Gov. Gavin Newsom signed into law in 2022. Under its provisions, a union can organize farmworkers by inviting them to sign authorization cards at off-site meetings, without notifying an employer, rather than voting by secret ballot at a designated polling place.

Union organizers had pressed for the revised card-check law, contending the secret ballot process left workers fearful of retaliation from their employer.

Advertisement

But Wonderful, whose portfolio includes such well-known brands as FIJI Water and POM Wonderful, alleges in its lawsuit that the law deprives employers of due process on multiple fronts. Among them: forcing a company to enter a collective bargaining agreement even if it has formally appealed the ALRB’s certification of a union vote and presented what it believes is evidence that the voting process was fraudulent.

The temporary injunction marks the latest twist in a tumultuous dispute over the UFW’s unionization campaign at Wonderful Nurseries in Wasco, the nation’s largest grapevine nursery.

In late February, the UFW filed a petition with the labor relations board, asserting that a majority of the 600-plus farmworkers at the nursery had signed authorization cards and asking that the UFW be certified as their union representative.

Within days, Wonderful accused the UFW of having baited farmworkers into signing the authorization cards under the guise of helping them apply for $600 in federal relief for farmworkers who labored during the pandemic. And the company submitted nearly 150 signed declarations from nursery workers saying they had not understood that by signing the cards they were voting to unionize.

The UFW countered that Wonderful had intimidated workers into making false statements and had brought in a labor consultant with a reputation as a union buster to manipulate their emotions in the weeks that followed.

Advertisement

The ALRB acknowledged receiving the worker declarations from Wonderful; nonetheless, the regional director of the labor board moved forward three days later to certify the union’s petition. She has said in subsequent hearings that she felt she had to move quickly under the timeline laid out in the card-check law, and that at the time she did not think the statute authorized her to investigate allegations of misconduct.

Wonderful appealed the ALRB’s certification.

Under the provisions of the card-check law, the UFW’s efforts to bargain with the company on behalf of its nursery workers moved forward, even as Wonderful’s appeal of the certification was working its way through the ALRB’s administrative hearing process. The ALRB issued a ruling last week ordering Wonderful to enter into a mandatory mediation process with the union to establish a collective bargaining agreement.

In its lawsuit, filed in May, Wonderful challenges the constitutionality of the card-check system on multiple fronts. The lawsuit alleges that the company’s due process rights were violated when the labor board moved to certify the UFW’s petition before investigating the company’s allegations that the vote was fraudulent; and more broadly that the card-check system does not have adequate safeguards in place to ensure the veracity of the voting process.

The company asked the judge to halt the unionization effort at its nursery, as well as the ALRB’s administrative hearing process regarding the company’s appeal, while the lawsuit moved forward in Kern County court.

Advertisement

In a statement released Thursday evening, Rob Yraceburu, president of Wonderful Nurseries, said the company was “gratified” by the court’s decision to pause the certification process until the constitutionality of the card check law can be “fully and properly considered.”

“In addition,” Yraceburu said, “farmworkers had been wrongly barred from objecting to a union being forced on them, and this ruling states that Wonderful indeed has the standing to fight to ensure those constitutional rights of farmworkers, including their due process and First Amendment rights, are not violated.”

UFW spokesperson Elizabeth Strater countered that the ruling “ignores 89 years of labor law precedent” and indicated the decision to grant the preliminary injunction would be appealed.

“There is already a process to address wrongdoing in elections and Wonderful was in the middle of that process. Why does Wonderful want to halt that process and silence workers so their voices are not heard?” Strater said. “It’s very clear Wonderful is determined to use its considerable resources to deny farmworkers their rights.”

In a May 30 filing, the state had urged the court to deny Wonderful’s request for an injunction. California Atty. Gen. Rob Bonta, arguing on behalf of the ALRB, said Wonderful had failed to demonstrate that the card-check law was causing “irreparable harm or any likelihood of deprivation of its rights.” Bonta also argued that the Superior Court lacked jurisdiction in the case.

Advertisement

Santiago Avila-Gomez, executive secretary with the ALRB, said Thursday evening the agency is “reviewing the ruling carefully and won’t have further comment at this time.”

The UFW, meanwhile, is pursuing its own legal action against Wonderful. The union has filed a formal complaint of unfair labor practices with the ALRB, accusing Wonderful of coercing workers into attending “captive audience” meetings to urge employees to reject UFW representation. ALRB General Counsel Julia Montgomery issued a complaint in April, similar to an indictment, alleging Wonderful committed unfair labor practices by unlawfully assisting them in drafting declarations to revoke their authorization cards.

The company has largely denied the allegations.

This article is part of The Times’ equity reporting initiative, funded by the James Irvine Foundation, exploring the challenges facing low-income workers and the efforts being made to address California’s economic divide.

Advertisement
Continue Reading
Advertisement

Trending